CyberGRX applies machine learning to transform third-party cyber risk management


DENVER–(BUSINESS WIRE)–CyberGRX, provider of the world’s first and largest risk management exchange, today announced the availability of the first in a series of predictive risk intelligence capabilities, Predictive Risk Profile. By leveraging standardized data within the Exchange platform and applying advanced machine learning and data analytics, CyberGRX can now anticipate how individual third parties within a company’s vendor ecosystem will respond to a detailed security assessment questionnaire with an accuracy rate close to 85%. CyberGRX customers can use predictive risk profiles to understand the impact of individual vendors on their cyber risk as well as to understand how they are viewed as third parties by their own customers.

“Third-party cyber risk management has been a difficult problem for many companies. This is largely due to the market misconception that having third parties perform risk assessments equates to better risk management. However, as recent events have shown, this is rarely the case,” said CyberGRX CEO Fred Kneip. “Since our inception, CyberGRX has focused on creating a modern approach to third-party cyber risk management and has proven to the industry that ratings are just one piece of the puzzle in helping solve a problem. wider. Predictive risk profiles will continue to propel the industry away from the hunt for assessments to prioritize and more effectively manage third-party risk.

With over 130,000 companies on the exchange and over 9,000 completed assessments, CyberGRX has an unparalleled depth and breadth of cyber risk data unattainable by other solutions on the market. Predictive risk assessment results are informed by CyberGRX’s proprietary algorithm that analyzes data within the exchange, collected from companies spanning multiple industries and geographies, as well as firmographic information and market data. external analysis from technology partners to produce a comprehensive predictive risk profile. From inherent and residual risk views, to mapping against common and custom frameworks, to analyzing control gaps using threat profiles and real-world cyberattack analytics, the Predictive Risk Profile CyberGRX allows users to monitor and analyze third-party risk through the lens that matters. the most to them.

“With third-party risk management challenges, CyberGRX upstream sharing benefits both customers and service providers. Their new predictive risk intelligence capabilities are very exciting, and I was pleasantly surprised at how accurate they were against our validated results,” said Rory O’Connor, Chief Information Security Officer at Iron Mountain. “I hope more of our customers will take advantage of CyberGRX’s predictive results, which will save considerable time and streamline the third-party risk management process.”

CyberGRX recently ordered a study conducted by Forrester Consulting which surveyed over 300 senior IT leaders and found that 95% of respondents say their organization has encountered a strategic or technological challenge in managing third-party risk. The results clearly showed that the current approach to third-party cyber risk management is broken. First and third parties do not work together, and many organizations’ third-party cyber risk management strategies always rely on solutions that use static spreadsheets or bespoke assessments. And, even when these assessments are collected, the data is not standardized, which means that little can be done with it from an analytical point of view.

“Data without insight is just noise. That’s why CyberGRX has collected the most comprehensive cyber risk data to provide this actionable insights,” said Frank Price, CPO at CyberGRX. “Our predictive risk intelligence capabilities will help clients understand where their critical and high risks lie so they can prioritize their efforts accordingly. As a result, they will be able to reduce the impact of attacks on third parties and mitigate risk quickly and effectively. »

CyberGRX will host two webinars in December to showcase predictive risk profiles.

For the customers: Managing Risk with Data Intelligence: A Revolutionary Approach to Third-Party Cyber ​​Risk Management

For third parties: End the Assessment Hunt: Take Control of Your Cyber ​​Risk Reputation with Predictive Risk Profiles

To learn more about this new feature and stay up to date on all the news surrounding CyberGRX, please visit:

About CyberGRX

CyberGRX standardizes vendor risk management, enabling insights, risk prioritization, and smarter decision making across your third-party ecosystem. Leveraging sophisticated data analytics and automation, real-world attack scenarios, and real-time threat intelligence, CyberGRX provides customers with comprehensive and continuous analysis of their vendor portfolio. Third parties can understand and regain control of their cyber risk by proactively using CyberGRX Exchange to perform and share a single assessment with multiple upstream partners. Based in Denver, CO, CyberGRX was built with partners including Aetna, Blackstone, and MassMutual. For more information:


About Author

Comments are closed.